Map AWS AI assets before GuardDuty AI findings hit your queue

AWS Security Hub launch image from AWS Security Blog.AWS Security Blog
AWS Security Hub launch image from AWS Security Blog.AWS Security Blog
Tools & Apps

AWS added AI Inventory to Security Hub and made GuardDuty AI Protection generally available, giving cloud security teams a native way to discover AI assets and detect Bedrock or SageMaker abuse.

Confirmed: AWS added two native AI-security controls on July 14, 2026. Security Hub now includes AI Inventory for organization-wide asset visibility, and GuardDuty AI Protection is generally available for Bedrock and SageMaker threat detection. Treat this as a cloud-security operations update, not a model launch: the value is finding AI workloads, mapping them to infrastructure, and catching abuse before the bill or incident queue exposes it.

AWS Security Hub AI workload protection launch image
AWS Security Hub AI workload protection launch image
Source image: AWS Security Blog.

What changed

AWS Security Hub AI Inventory now gives security teams a continuously updated view of AI assets and their posture across an AWS organization. AWS says the inventory covers managed AI services such as Amazon Bedrock, Bedrock AgentCore, and Amazon SageMaker through AWS Config, and can also identify self-hosted AI workloads through Amazon Inspector SBOM analysis.

GuardDuty AI Protection is now generally available for Amazon Bedrock and SageMaker. It looks for unusual model invocation patterns, cost harvesting attacks, and prompt injection attempts connected to Bedrock Guardrails. Findings flow into Security Hub so teams can connect AI-threat alerts to the asset, account, network, IAM role, and related infrastructure behind the workload.

Why this is early

The reliable first signal is AWS's own July 14 security announcement and the matching What's New entries. The independent confirmation comes from Constellation Research, which reported the same launch set: GuardDuty AI Protection generally available, AI Inventory generally available, AI-powered investigations in preview, and Azure monitoring added to Security Hub.

This is early in the operational sense. Many teams still do not have a complete AI asset register, especially when developers call external model APIs from EC2, Lambda, containers, or internal agents. Security Hub AI Inventory gives them a native AWS starting point, but every account still needs rollout checks.

Key takeaways

  • Security Hub AI Inventory is generally available and included with Security Hub Essentials at no additional cost, according to AWS.
  • GuardDuty AI Protection is generally available for GuardDuty customers and starts with a 30-day free trial.
  • The main covered AWS AI services are Bedrock and SageMaker, with inventory coverage also touching Bedrock AgentCore and self-hosted models through Inspector analysis.
  • GuardDuty AI Protection targets anomalous invocations, cost harvesting, and prompt injection signals tied to Bedrock Guardrails.
  • AI-powered GuardDuty investigations are separate and still in preview in 10 AWS Regions.
FeatureBest fitAccess/statusCaveat
Security Hub AI InventoryFinding AI assets across AWS accountsGA; included with Security Hub EssentialsVerify coverage for external model APIs and self-hosted stacks
GuardDuty AI ProtectionDetecting Bedrock and SageMaker abuseGA; GuardDuty customers, 30-day free trialCheck region support and pricing before broad enablement
AI-powered investigationsFaster GuardDuty triagePreview in 10 AWS RegionsDo not treat preview summaries as final incident evidence
Azure monitoring in Security HubCross-cloud posture viewAWS says Azure support is now availableScope and pricing need tenant-level validation

Availability and access

AWS says AI Inventory requires no new enablement when Security Hub Essentials is in place and is available in commercial Regions where Security Hub is offered. GuardDuty AI Protection can be enabled from the GuardDuty or Security Hub console and can be centrally enabled through AWS Organizations.

Pricing details still matter. GuardDuty AI Protection has a trial, then follows GuardDuty pricing. Security Hub AI Inventory is included with Essentials, but teams should confirm the cost of the underlying services that feed it, such as CloudTrail data events, Inspector coverage, Security Hub plan selection, and any multi-account aggregation choices.

Practical LinkLoot angle

Start with inventory, not alert tuning. List every Bedrock app, SageMaker endpoint, AgentCore workflow, self-hosted inference stack, and external model API call Security Hub can see. Then compare that list with finance, platform engineering, and data-science records. Any mismatch is a security gap.

Good first workflow:

  • Turn on or validate Security Hub Essentials in a non-production organization unit.
  • Check which AI assets appear from Bedrock, SageMaker, AgentCore, EC2, ECR, ECS, and EKS.
  • Enable GuardDuty AI Protection in a controlled account and review expected finding volume.
  • Build a runbook for cost harvesting: owner, IAM role, model endpoint, CloudTrail evidence, budget impact, and containment action.
  • Add the process to your broader AI automation checklist. LinkLoot's guide to AI workflow automation is a useful companion: /guides/ai-workflow-automation.

What to verify before you act

  • Confirm which AWS Regions support GuardDuty AI Protection and AI-powered investigations for your accounts.
  • Check whether Security Hub Essentials is enabled where your AI workloads actually run.
  • Review GuardDuty pricing after the 30-day trial, especially for high-volume Bedrock and SageMaker usage.
  • Test whether self-hosted model discovery catches your actual inference stack: Ollama, vLLM, Hugging Face TGI, custom containers, or third-party APIs.
  • Validate privacy, logging, and response workflows before routing prompt-injection or model-abuse findings into automated remediation.

Source check

Confirmed by: AWS Security Blog states that Security Hub now adds AI workload protection and Azure monitoring. AWS What's New confirms GuardDuty AI Protection for Bedrock and SageMaker, while a separate AWS What's New entry confirms Security Hub AI Inventory and its discovery methods.

Independent context: Constellation Research confirms the same launch package and separates what is generally available from what remains in preview. LinkLoot will treat region expansion, pricing changes, and GA status for AI-powered investigations as update triggers.

FAQ

It is a Security Hub capability that discovers AI assets across AWS accounts and connects them to infrastructure and security findings.